We use cookies to ensure that we give you the best experience on our website. By continuing your visit on the website, you consent to the use of the cookies. If you want to find out more about the cookies we use, you can access our Privacy Policy.
How do you defend your network using a blacklist when the data is constantly changing? Fuzzy logic can identify near-matches for field values by calculating a string similarity score using algorithms like Levenshtein. This can be done in Splunk with the help of a FREE app. Come learn all about Fuzzylookup with legendary Splunk User J.R. Murray!
About this event
How do you defend your network using a blacklist when the data is constantly changing? Adversaries can easily obscure data with small changes and blacklisting is suddenly useless... until now. Fuzzy logic can identify near-matches for field values by calculating a string similarity score using algorithms like Levenshtein. Now your blacklist for entry for johnny123@badactor.ru could match similar values like john123@badactor.ru or johnny000@badactor.ru. Join us to take a deep dive into the app that makes this possible on a larger scale, Fuzzylookup.
Speaker
J.R. Murray
deductiv
Managing Principle
When
Wednesday, January 13, 2021 12:00 AM – 3:00 AM UTC
